373 research outputs found
One Bad Apple Spoils the Bunch: Exploiting P2P Applications to Trace and Profile Tor Users
Tor is a popular low-latency anonymity network. However, Tor does not protect
against the exploitation of an insecure application to reveal the IP address
of, or trace, a TCP stream. In addition, because of the linkability of Tor
streams sent together over a single circuit, tracing one stream sent over a
circuit traces them all. Surprisingly, it is unknown whether this linkability
allows in practice to trace a significant number of streams originating from
secure (i.e., proxied) applications. In this paper, we show that linkability
allows us to trace 193% of additional streams, including 27% of HTTP streams
possibly originating from "secure" browsers. In particular, we traced 9% of Tor
streams carried by our instrumented exit nodes. Using BitTorrent as the
insecure application, we design two attacks tracing BitTorrent users on Tor. We
run these attacks in the wild for 23 days and reveal 10,000 IP addresses of Tor
users. Using these IP addresses, we then profile not only the BitTorrent
downloads but also the websites visited per country of origin of Tor users. We
show that BitTorrent users on Tor are over-represented in some countries as
compared to BitTorrent users outside of Tor. By analyzing the type of content
downloaded, we then explain the observed behaviors by the higher concentration
of pornographic content downloaded at the scale of a country. Finally, we
present results suggesting the existence of an underground BitTorrent ecosystem
on Tor
A New Stable Peer-to-Peer Protocol with Non-persistent Peers
Recent studies have suggested that the stability of peer-to-peer networks may
rely on persistent peers, who dwell on the network after they obtain the entire
file. In the absence of such peers, one piece becomes extremely rare in the
network, which leads to instability. Technological developments, however, are
poised to reduce the incidence of persistent peers, giving rise to a need for a
protocol that guarantees stability with non-persistent peers. We propose a
novel peer-to-peer protocol, the group suppression protocol, to ensure the
stability of peer-to-peer networks under the scenario that all the peers adopt
non-persistent behavior. Using a suitable Lyapunov potential function, the
group suppression protocol is proven to be stable when the file is broken into
two pieces, and detailed experiments demonstrate the stability of the protocol
for arbitrary number of pieces. We define and simulate a decentralized version
of this protocol for practical applications. Straightforward incorporation of
the group suppression protocol into BitTorrent while retaining most of
BitTorrent's core mechanisms is also presented. Subsequent simulations show
that under certain assumptions, BitTorrent with the official protocol cannot
escape from the missing piece syndrome, but BitTorrent with group suppression
does.Comment: There are only a couple of minor changes in this version. Simulation
tool is specified this time. Some repetitive figures are remove
On the Impact of Practical P2P Incentive Mechanisms on User Behavior
In this paper we report on the results of a large-scale measurement
study of two popular peer-topeer systems, namely BitTorrent and eMule,
that use practical and lightweight incentive mechanisms to encourage
cooperation between users. We focus on identifying the strategic
behavior of users in response to those incentive mechanisms. Our results
illustrate a gap between what system designers and researchers expect
from users in reaction to an incentive mechanism, and how users react to
those incentives. In particular, we observe that the majority of
BitTorrent users appear to cooperate well, despite the existence of
known ways to tamper with the incentive mechanism, users engaging in
behavior that could be regarded as cheating comprised only around 10% of
BitTorrent’s population. That is, although we know that users can
easily cheat, they actually do not currently appear to cheat at a large
enough scale. In the eMule system, we identify several distinct classes
of users based on their behavior. A large fraction of users appears to
perceive cooperation as a good strategy, and openly share all the files
they obtained. Other users engage in more subtle strategic choices, by
actively optimizing the number and types of files they share in order to
improve their standing in eMule’s waiting queues; they tend to
remove files for which downloading is complete and keep a limited total
volume of files shared
I Know Where You are and What You are Sharing: Exploiting P2P Communications to Invade Users' Privacy
In this paper, we show how to exploit real-time communication applications to
determine the IP address of a targeted user. We focus our study on Skype,
although other real-time communication applications may have similar privacy
issues. We first design a scheme that calls an identified targeted user
inconspicuously to find his IP address, which can be done even if he is behind
a NAT. By calling the user periodically, we can then observe the mobility of
the user. We show how to scale the scheme to observe the mobility patterns of
tens of thousands of users. We also consider the linkability threat, in which
the identified user is linked to his Internet usage. We illustrate this threat
by combining Skype and BitTorrent to show that it is possible to determine the
file-sharing usage of identified users. We devise a scheme based on the
identification field of the IP datagrams to verify with high accuracy whether
the identified user is participating in specific torrents. We conclude that any
Internet user can leverage Skype, and potentially other real-time communication
systems, to observe the mobility and file-sharing usage of tens of millions of
identified users.Comment: This is the authors' version of the ACM/USENIX Internet Measurement
Conference (IMC) 2011 pape
- …